| 1 |
Raphael Melo de Oliveira Bastos Sales wrote: |
| 2 |
> He claims that if someone invades my machine, it will have direct |
| 3 |
> access to all data. That I have to distribute the database, put it in |
| 4 |
> another machine and have the web application access that database over |
| 5 |
> the network. I feel this is a bit overkill. Not only it would force |
| 6 |
> the data travel through the network, slowing it down, but would also |
| 7 |
> increase the complexity of the security layout, forcing to make the |
| 8 |
> two machines very secure, unstead of just one of them. Besides, I |
| 9 |
> might be wrong, but I feel that a Local Socket is faster and safer |
| 10 |
> than Corba trasmitting data over the internal network. |
| 11 |
> |
| 12 |
> If anybody has any comments, I'd be more than happy to hear it. |
| 13 |
|
| 14 |
first, on the issue of distributing, yes, you will have a nominally more |
| 15 |
secure application. This assumes of course that the attacker cannot |
| 16 |
take any part of your application and use it against you by accessing |
| 17 |
the database themselves. |
| 18 |
|
| 19 |
the interesting paradox is that by moving your application to another |
| 20 |
machine and using a network between them for communicating data, the |
| 21 |
application usually runs faster. |
| 22 |
|
| 23 |
Think carefully about the RPC mechanism. Don't try to reinvent the |
| 24 |
wheel with your own socket connection because you will spend a lot of |
| 25 |
time getting it right and validating it when you could be doing other |
| 26 |
things that are more fun, productive, and impressing your boss with your |
| 27 |
lack of "not invented here" attitude. |
| 28 |
|
| 29 |
corba is complex to get started but it is one of the faster RPC |
| 30 |
mechanisms available (if memory serves). XML RPC is trivially easy to |
| 31 |
use but is much slower because of XML. Sun RPC. Well, it's a gray |
| 32 |
beard. Try not to use it. |
| 33 |
|
| 34 |
On the security profile, don't sweat it. The best you can do is set out |
| 35 |
the local machine firewalls to deny access from each other except for |
| 36 |
the database connection. ssh should only be permitted from your green |
| 37 |
network. Everything else really depends on what you need exposed and where. |
| 38 |
|
| 39 |
connection security can be handled with SSL. Many database engines |
| 40 |
support this (if memory serves). |
| 41 |
|
| 42 |
|
| 43 |
---eric |
| 44 |
-- |
| 45 |
gentoo-user@g.o mailing list |
Archives